fix: resolve CORS issues with Netlify Identity and add security headers for custom domain
This commit is contained in:
+21
-12
@@ -118,23 +118,32 @@ Netlify redirect rules for admin routing
|
|||||||
|
|
||||||
## Troubleshooting
|
## Troubleshooting
|
||||||
|
|
||||||
### Fixed Issues:
|
### Current Issue: CORS Error
|
||||||
|
|
||||||
✅ **"Unable to access identity settings"** - This was fixed by enabling Identity and Git Gateway in Netlify
|
❌ **CORS Error**: `Access to script at 'https://identity.netlify.com/v1/netlify-identity-widget.js' from origin 'https://taslak.radio.org.tr' has been blocked by CORS policy`
|
||||||
✅ **Confirmation email links not working** - Created `/auth` page to handle authentication tokens
|
|
||||||
|
|
||||||
### Current Setup Status:
|
**This means**: Netlify Identity is not properly configured for your custom domain `taslak.radio.org.tr`
|
||||||
|
|
||||||
The site now has:
|
### Solutions (Try in order):
|
||||||
- Custom authentication handler at `/auth`
|
|
||||||
- Proper redirect handling for confirmation emails
|
|
||||||
- Automatic routing from hash-based tokens to query parameters
|
|
||||||
|
|
||||||
**If you're still getting confirmation email issues:**
|
#### Solution 1: Configure Custom Domain in Netlify Identity
|
||||||
1. Go to https://app.netlify.com/sites/ym1ktc/settings/identity
|
1. Go to https://app.netlify.com/sites/ym1ktc/settings/identity
|
||||||
2. Check that Identity is enabled
|
2. Check **"Site domains"** section
|
||||||
3. Go to Services tab and ensure "Git Gateway" is enabled
|
3. Add `taslak.radio.org.tr` to allowed domains
|
||||||
4. The confirmation links should now work properly
|
4. Save and wait 5-10 minutes for DNS propagation
|
||||||
|
|
||||||
|
#### Solution 2: Use Primary Netlify Domain for Admin
|
||||||
|
- Use https://ym1ktc.netlify.app/admin/ instead of custom domain for CMS access
|
||||||
|
- This should work immediately as it's the primary domain
|
||||||
|
|
||||||
|
#### Solution 3: Alternative Git-based Workflow (Recommended)
|
||||||
|
- Use GitHub-based editing instead of Netlify CMS
|
||||||
|
- Content editors can edit markdown files directly in GitHub
|
||||||
|
- Changes auto-deploy to Netlify
|
||||||
|
|
||||||
|
### Quick Test:
|
||||||
|
Try accessing: https://ym1ktc.netlify.app/admin/
|
||||||
|
If this works, the issue is custom domain configuration.
|
||||||
|
|
||||||
### Common Issues:
|
### Common Issues:
|
||||||
|
|
||||||
|
|||||||
@@ -5,6 +5,8 @@ backend:
|
|||||||
media_folder: 'src/assets/images'
|
media_folder: 'src/assets/images'
|
||||||
public_folder: '/_astro'
|
public_folder: '/_astro'
|
||||||
|
|
||||||
|
locale: 'tr' # Türkçe olarak ayarlandı
|
||||||
|
|
||||||
site_url: https://taslak.radio.org.tr
|
site_url: https://taslak.radio.org.tr
|
||||||
display_url: https://taslak.radio.org.tr
|
display_url: https://taslak.radio.org.tr
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +1,22 @@
|
|||||||
[build]
|
[build]
|
||||||
publish = "dist"
|
publish = "dist"
|
||||||
|
|
||||||
|
[context.production.environment]
|
||||||
|
NETLIFY_SITE_URL = "https://taslak.radio.org.tr"
|
||||||
|
|
||||||
|
[[headers]]
|
||||||
|
for = "/*"
|
||||||
|
[headers.values]
|
||||||
|
X-Frame-Options = "DENY"
|
||||||
|
X-XSS-Protection = "1; mode=block"
|
||||||
|
X-Content-Type-Options = "nosniff"
|
||||||
|
Referrer-Policy = "strict-origin-when-cross-origin"
|
||||||
|
|
||||||
|
[[headers]]
|
||||||
|
for = "/decapcms/*"
|
||||||
|
[headers.values]
|
||||||
|
X-Frame-Options = "SAMEORIGIN"
|
||||||
|
|
||||||
[[redirects]]
|
[[redirects]]
|
||||||
from = "/#confirmation_token=*"
|
from = "/#confirmation_token=*"
|
||||||
to = "/auth?confirmation_token=:splat"
|
to = "/auth?confirmation_token=:splat"
|
||||||
|
|||||||
@@ -37,7 +37,7 @@ const { language, textDirection } = I18N;
|
|||||||
<Analytics />
|
<Analytics />
|
||||||
|
|
||||||
<!-- Netlify Identity for Decap CMS -->
|
<!-- Netlify Identity for Decap CMS -->
|
||||||
<script src="https://identity.netlify.com/v1/netlify-identity-widget.js"></script>
|
<script is:inline src="https://identity.netlify.com/v1/netlify-identity-widget.js"></script>
|
||||||
|
|
||||||
<!-- Comment the line below to disable View Transitions -->
|
<!-- Comment the line below to disable View Transitions -->
|
||||||
<ClientRouter fallback="swap" />
|
<ClientRouter fallback="swap" />
|
||||||
@@ -49,7 +49,7 @@ const { language, textDirection } = I18N;
|
|||||||
<BasicScripts />
|
<BasicScripts />
|
||||||
|
|
||||||
<!-- Netlify Identity initialization -->
|
<!-- Netlify Identity initialization -->
|
||||||
<script>
|
<script is:inline>
|
||||||
if (window.netlifyIdentity) {
|
if (window.netlifyIdentity) {
|
||||||
window.netlifyIdentity.on('init', (user) => {
|
window.netlifyIdentity.on('init', (user) => {
|
||||||
// Check if we're on a page that needs authentication handling
|
// Check if we're on a page that needs authentication handling
|
||||||
|
|||||||
@@ -8,7 +8,7 @@
|
|||||||
<meta charset="utf-8" />
|
<meta charset="utf-8" />
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||||
<title>Kimlik Doğrulama - ARC</title>
|
<title>Kimlik Doğrulama - ARC</title>
|
||||||
<script src="https://identity.netlify.com/v1/netlify-identity-widget.js"></script>
|
<script is:inline src="https://identity.netlify.com/v1/netlify-identity-widget.js"></script>
|
||||||
<style>
|
<style>
|
||||||
body {
|
body {
|
||||||
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
|
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
|
||||||
@@ -78,7 +78,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<script>
|
<script is:inline>
|
||||||
// Handle Netlify Identity authentication
|
// Handle Netlify Identity authentication
|
||||||
if (window.netlifyIdentity) {
|
if (window.netlifyIdentity) {
|
||||||
// Handle the confirmation/recovery tokens
|
// Handle the confirmation/recovery tokens
|
||||||
|
|||||||
Reference in New Issue
Block a user